##
# This controller allows the user to change his/her own password
class PasswordChangerController < ApplicationController
  layout 'scaffold'
	# session must be active!
	verify :session => 'user',
				 :add_flash => { :error => 
					 							 'you must be logged in to manage user accounts' },
				 :redirect_to => { :controller => 'user', :action => :login}
  
  ##
  # displays the change-dialog
  def index
  end
  
  ##
  # changes the password
  def submit
    user = User.find(session['user'].id)
    if(params[:user][:password_confirmation] != params[:user][:password])
      flash[:error] = 'Error, you have typing errors in your password!'
      redirect_to :action => 'index'
      return
    end
    user.change_password(params[:user][:password])
    flash[:notice] = 'Your password has been changed successfully'
    render :action => 'index'
  end
end